1
0
mirror of https://github.com/privacyguides/privacyguides.org.git synced 2024-07-15 23:13:48 +00:00

Automated PR Testing (#2469)

This commit is contained in:
Jonah Aragon 2024-03-31 06:10:46 -05:00 committed by Daniel Gray
parent b536928661
commit 632761cae1
No known key found for this signature in database
GPG Key ID: 41911F722B0F9AE3
63 changed files with 471 additions and 867 deletions

View File

@ -22,7 +22,6 @@ name: "Content Correction"
description: Report any inaccurate, incorrect, or outdated information on the website.
labels: ["t:correction"]
body:
- type: markdown
attributes:
value: |

View File

@ -24,7 +24,6 @@ labels: ["t:bug"]
assignees:
- jonaharagon
body:
- type: markdown
attributes:
value: |

View File

@ -21,7 +21,6 @@
version: 2
registries:
github-privacyguides:
type: git
url: https://github.com
@ -29,7 +28,6 @@ registries:
password: ${{secrets.REPO_PAT}}
updates:
# Maintain dependencies for GitHub Actions
- package-ecosystem: "github-actions"
directory: "/"
@ -51,7 +49,6 @@ updates:
interval: "monthly"
labels:
- "fix:submodules"
# Disabled because some updates tend to remove needed dependencies for some reason
# # Maintain dependencies for pipenv

View File

@ -1,113 +0,0 @@
# Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: Build Offline Website
on:
workflow_call:
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
persist-credentials: 'false'
- uses: actions/download-artifact@v4
with:
pattern: repo-*
path: modules
- run: |
rmdir modules/mkdocs-material
mv modules/repo-mkdocs-material-insiders modules/mkdocs-material
rmdir theme/assets/brand
mv modules/repo-brand theme/assets/brand
- name: Python setup
uses: actions/setup-python@v5
with:
cache: 'pipenv'
- uses: actions/cache/restore@v4.0.2
with:
key: site-cache-${{ github.repository }}-en-${{ github.ref }}-${{ hashfiles('.cache/**') }}
path: .cache
restore-keys: |
site-cache-${{ github.repository }}-en-${{ github.ref }}-
site-cache-${{ github.repository }}-en-
- name: Install Python dependencies
run: |
pip install pipenv
pipenv install
sudo apt install pngquant
- name: Build website
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CARDS: false
run: |
pipenv run mkdocs build --config-file config/mkdocs-offline.yml
pipenv run mkdocs --version
- name: Package website
run: |
tar -czvf offline.tar.gz site
zip -r -q offline.zip site
- uses: actions/cache/save@v4.0.2
with:
key: site-cache-${{ github.repository }}-en-${{ github.ref }}-${{ hashfiles('.cache/**') }}
path: .cache
- name: Upload tar.gz file
uses: actions/upload-artifact@v4
with:
name: offline.tar.gz
path: offline.tar.gz
- name: Upload zip file
uses: actions/upload-artifact@v4
with:
name: offline.zip
path: offline.zip
- name: Create ZIM File
uses: addnab/docker-run-action@v3
with:
image: ghcr.io/openzim/zim-tools:3.1.3
options: -v ${{ github.workspace }}:/data
run: |
zimwriterfs -w index.html -I assets/brand/logos/png/square/pg-yellow.png -l eng -t "Privacy Guides" -d "Your central privacy and security resource to protect yourself online." -c "Privacy Guides" -p "Jonah Aragon" -n "Privacy Guides" -e "https://github.com/privacyguides/privacyguides.org" /data/site /data/offline-privacy_guides.zim
- name: Upload ZIM file
uses: actions/upload-artifact@v4
with:
name: offline-privacy_guides.zim
path: offline-privacy_guides.zim

View File

@ -1,136 +0,0 @@
# Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: Build Website
on:
workflow_call:
inputs:
ref:
required: true
type: string
repo:
required: true
type: string
lang:
type: string
default: en
context:
type: string
default: deploy-preview
continue-on-error:
type: boolean
default: true
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-latest
continue-on-error: ${{ inputs.continue-on-error }}
permissions:
contents: read
steps:
- uses: actions/checkout@v4
with:
repository: ${{ inputs.repo }}
ref: ${{ inputs.ref }}
persist-credentials: 'false'
fetch-depth: 0
- uses: actions/download-artifact@v4
with:
pattern: repo-*
path: modules
- run: |
rmdir modules/mkdocs-material
mv modules/repo-mkdocs-material-insiders modules/mkdocs-material
rmdir theme/assets/brand
mv modules/repo-brand theme/assets/brand
- if: inputs.lang != 'en'
run: |
cp -rl modules/repo-i18n/i18n .
cp -rl modules/repo-i18n/includes .
cp -rl modules/repo-i18n/theme .
- uses: actions/setup-python@v5
with:
cache: 'pipenv'
- uses: actions/cache/restore@v4.0.2
with:
key: site-cache-${{ inputs.repo }}-${{ inputs.ref }}-${{ hashfiles('.cache/**') }}
path: .cache
restore-keys: |
site-cache-${{ inputs.repo }}-${{ inputs.ref }}-
site-cache-${{ inputs.repo }}-
- uses: actions/cache/restore@v4.0.2
with:
key: card-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ inputs.ref }}-${{ hashfiles('config/.cache/plugin/social/manifest.json') }}
path: |
config/.cache/plugin/social/manifest.json
config/.cache/plugin/social/assets
restore-keys: |
card-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ inputs.ref }}-
card-cache-${{ inputs.repo }}-${{ inputs.lang }}-
- run: |
pip install pipenv
pipenv install
sudo apt install pngquant
- if: inputs.lang != 'en'
uses: falti/dotenv-action@v1.1
with:
path: includes/strings.${{ inputs.lang }}.env
export-variables: true
keys-case: bypass
- env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CONTEXT: ${{ inputs.context }}
PRODUCTION: true
run: |
pipenv run mkdocs build --config-file config/mkdocs.${{ inputs.lang }}.yml
cp -r static/* site/
pipenv run mkdocs --version
tar -czvf site-build-${{ inputs.lang }}.tar.gz site
- uses: actions/cache/save@v4.0.2
with:
key: site-cache-${{ inputs.repo }}-${{ inputs.ref }}-${{ hashfiles('.cache/**') }}
path: .cache
- uses: actions/cache/save@v4.0.2
with:
key: card-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ inputs.ref }}-${{ hashfiles('config/.cache/plugin/social/manifest.json') }}
path: |
config/.cache/plugin/social/manifest.json
config/.cache/plugin/social/assets
- uses: actions/upload-artifact@v4
with:
name: site-build-${{ inputs.lang }}.tar.gz
path: site-build-${{ inputs.lang }}.tar.gz

View File

@ -1,33 +0,0 @@
# Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: Cleanup Artifacts
on:
workflow_call:
jobs:
cleanup:
runs-on: ubuntu-latest
steps:
- uses: geekyeggo/delete-artifact@v5
with:
name: repo-*
failOnError: false

51
.github/workflows/deploy-all.yml vendored Normal file
View File

@ -0,0 +1,51 @@
name: Deploy Website Build
permissions:
contents: read
pages: write
id-token: write
on:
workflow_call:
inputs:
netlify_production:
type: boolean
default: true
github_pages:
type: boolean
default: true
minio_production:
type: boolean
default: true
outputs:
netlify_preview_address:
value: ${{ jobs.netlify.outputs.address }}
secrets:
NETLIFY_TOKEN:
PROD_MINIO_KEY_ID:
PROD_MINIO_SECRET_KEY:
jobs:
netlify:
if: inputs.netlify_production
uses: privacyguides/.github/.github/workflows/deploy-netlify.yml@main
with:
netlify_site_id: ${{ vars.PROD_NETLIFY_SITE }}
environment: production
secrets:
NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
minio:
if: inputs.minio_production
uses: privacyguides/.github/.github/workflows/deploy-minio.yml@main
with:
environment: production
secrets:
PROD_MINIO_KEY_ID: ${{ secrets.PROD_MINIO_KEY_ID }}
PROD_MINIO_SECRET_KEY: ${{ secrets.PROD_MINIO_SECRET_KEY }}
pages:
if: inputs.github_pages
uses: privacyguides/.github/.github/workflows/deploy-pages.yml@main
with:
environment: github-pages

View File

@ -1,237 +0,0 @@
# Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: Deploy Website Build
on:
workflow_call:
inputs:
netlify_preview:
type: boolean
netlify_alias:
type: string
netlify_production:
type: boolean
github_pages:
type: boolean
bunnycdn_production:
type: boolean
minio_production:
type: boolean
outputs:
netlify_preview_address:
value: ${{ jobs.netlify_preview.outputs.address }}
secrets:
NETLIFY_TOKEN:
PROD_BUNNYCDN_API_KEY:
PROD_BUNNYCDN_PASSWORD:
PROD_MINIO_KEY_ID:
PROD_MINIO_SECRET_KEY:
jobs:
netlify_preview:
if: inputs.netlify_preview
runs-on: ubuntu-latest
permissions:
contents: read
outputs:
address: ${{ steps.address.outputs.address }}
steps:
- uses: actions/download-artifact@v4
with:
pattern: site-build-*
merge-multiple: true
- run: |
for file in *.tar.gz; do tar -zxf "$file"; done
wget https://raw.githubusercontent.com/privacyguides/privacyguides.org/main/netlify.toml
ls -la site/
- uses: actions/setup-node@v4
- run: |
npm install netlify-cli -g
- if: inputs.netlify_preview
name: Limit length of Netlify alias to 12
run: echo "SHORT_ALIAS=`echo ${{ inputs.netlify_alias }} | cut -c1-12`" >> $GITHUB_ENV
- if: inputs.netlify_preview
id: deployment
env:
NETLIFY_SITE_ID: ${{ vars.NETLIFY_SITE }}
NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
run: |
netlify deploy --dir=site --alias=${{ env.SHORT_ALIAS }}
echo "DEPLOYED_ADDRESS=https://${{ env.SHORT_ALIAS }}--${{ vars.NETLIFY_SITE }}.netlify.app/" >> "$GITHUB_ENV"
- id: address
run: |
echo "address=$DEPLOYED_ADDRESS" >> "$GITHUB_OUTPUT"
netlify_production:
if: inputs.netlify_production
runs-on: ubuntu-latest
permissions:
contents: read
environment:
name: production
url: https://illustrious-bavarois-56cf30.netlify.app/
steps:
- uses: actions/download-artifact@v4
with:
pattern: site-build-*
merge-multiple: true
- run: |
for file in *.tar.gz; do tar -zxf "$file"; done
wget https://raw.githubusercontent.com/privacyguides/privacyguides.org/main/netlify.toml
ls -la site/
- uses: actions/setup-node@v4
- run: |
npm install netlify-cli -g
- id: prod_deployment
env:
NETLIFY_SITE_ID: ${{ vars.PROD_NETLIFY_SITE }}
NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
run: |
netlify deploy --dir=site --prod-if-unlocked
github_pages:
if: inputs.github_pages
runs-on: ubuntu-latest
concurrency:
group: "pages"
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
# Grant GITHUB_TOKEN the permissions required to make a Pages deployment
permissions:
contents: read
pages: write # to deploy to Pages
id-token: write # to verify the deployment originates from an appropriate source
steps:
- uses: actions/configure-pages@v5
- uses: actions/download-artifact@v4
with:
pattern: site-build-*
merge-multiple: true
- run: |
for file in *.tar.gz; do tar -zxf "$file"; done
ls -la site/
- uses: 1arp/create-a-file-action@0.4.4
with:
path: site
file: index.html
content: |
<html lang="en">
<head>
<title>Redirecting to English site...</title>
<meta
http-equiv="refresh"
content="0; URL=./en/"
/>
</head>
</html>
- uses: actions/upload-pages-artifact@v3
with:
path: site
- id: deployment
uses: actions/deploy-pages@main
bunnycdn_production:
if: inputs.bunnycdn_production
runs-on: ubuntu-latest
permissions:
contents: read
environment:
name: production
url: https://privacyguides-org-production.b-cdn.net
steps:
- uses: actions/download-artifact@v4
with:
pattern: site-build-*
merge-multiple: true
- run: |
for file in *.tar.gz; do tar -zxf "$file"; done
ls -la site/
- uses: own3d/bunny-action@bfaa5c6bc8b7a7ebd599ddd4912347d7c3847e78
env:
BUNNY_API_ACCESS_KEY: ${{ secrets.PROD_BUNNYCDN_API_KEY }}
BUNNY_STORAGE_HOSTNAME: storage.bunnycdn.com
BUNNY_STORAGE_USERNAME: ${{ vars.PROD_BUNNYCDN_USER }}
BUNNY_STORAGE_PASSWORD: ${{ secrets.PROD_BUNNYCDN_PASSWORD }}
BUNNY_PULL_ZONE_ID: 2117106
with:
args: deploy --dir=site
minio_production:
if: inputs.minio_production
runs-on: ubuntu-latest
permissions:
contents: read
environment:
name: production
url: https://privacyguides-org-production.stor1-minio.jonaharagon.net
steps:
- uses: actions/download-artifact@v4
with:
pattern: site-build-*
merge-multiple: true
- run: |
for file in *.tar.gz; do tar -zxf "$file"; done
ls -la site/
- uses: jakejarvis/s3-sync-action@master
with:
args: --acl public-read --follow-symlinks --delete
env:
SOURCE_DIR: "site/"
AWS_S3_BUCKET: ${{ vars.PROD_MINIO_BUCKET }}
AWS_S3_ENDPOINT: ${{ vars.PROD_MINIO_HOSTNAME }}
AWS_ACCESS_KEY_ID: ${{ secrets.PROD_MINIO_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.PROD_MINIO_SECRET_KEY }}

View File

@ -1,48 +0,0 @@
# Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: Download Repository
on:
workflow_call:
inputs:
repo:
required: true
type: string
secrets:
ACTIONS_SSH_KEY:
required: true
jobs:
download:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
repository: 'privacyguides/${{ inputs.repo }}'
path: repo-${{ inputs.repo }}
ssh-key: ${{ secrets.ACTIONS_SSH_KEY }}
- uses: actions/upload-artifact@v4
with:
name: repo-${{ inputs.repo }}
path: repo-${{ inputs.repo }}
retention-days: 1

View File

@ -20,7 +20,10 @@
name: ๐Ÿชž Push to Mirrors
on: [ push, delete, create ]
permissions:
contents: read
on: [push, delete, create]
# Ensures that only one mirror task will run at a time.
concurrency:

View File

@ -18,7 +18,7 @@
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: ๐Ÿ“ฆ Publish Pull Request Preview
name: ๐Ÿ“ฆ PR Preview
on:
pull_request_target:
@ -30,17 +30,21 @@ concurrency:
permissions:
pull-requests: write
contents: read
pages: write
id-token: write
jobs:
submodule:
strategy:
matrix:
repo: [mkdocs-material-insiders, brand, i18n]
uses: ./.github/workflows/download-repo.yml
repo:
- name: mkdocs-material-insiders
ref: main
- name: brand
ref: main
- name: i18n
ref: main
uses: privacyguides/.github/.github/workflows/download-repo.yml@main
with:
repo: ${{ matrix.repo }}
repo: ${{ matrix.repo.name }}
secrets:
ACTIONS_SSH_KEY: ${{ secrets.ACTIONS_SSH_KEY }}
@ -56,7 +60,7 @@ jobs:
fail-fast: false
permissions:
contents: read
uses: ./.github/workflows/build.yml
uses: privacyguides/.github/.github/workflows/build.yml@main
with:
ref: ${{github.event.pull_request.head.ref}}
repo: ${{github.event.pull_request.head.repo.full_name}}
@ -67,12 +71,10 @@ jobs:
needs: build
permissions:
contents: read
pages: write
id-token: write
uses: ./.github/workflows/deploy.yml
uses: privacyguides/.github/.github/workflows/deploy-netlify-preview.yml@main
with:
netlify_preview: true
netlify_alias: ${{ github.event.pull_request.head.sha }}
netlify_site_id: ${{ vars.NETLIFY_SITE }}
secrets:
NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
@ -84,7 +86,6 @@ jobs:
env:
address: ${{ needs.deploy.outputs.netlify_preview_address }}
steps:
- uses: thollander/actions-comment-pull-request@v2.5.0
with:
message: |
@ -99,4 +100,4 @@ jobs:
cleanup:
if: ${{ always() }}
needs: build
uses: ./.github/workflows/cleanup.yml
uses: privacyguides/.github/.github/workflows/cleanup.yml@main

View File

@ -18,12 +18,12 @@
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: ๐Ÿ“ฆ Publish Release
name: ๐Ÿ“ฆ Release
on:
push:
tags:
- '*'
- "*"
permissions:
contents: write
@ -35,7 +35,7 @@ jobs:
strategy:
matrix:
repo: [mkdocs-material-insiders, brand, i18n]
uses: ./.github/workflows/download-repo.yml
uses: privacyguides/.github/.github/workflows/download-repo.yml@main
with:
repo: ${{ matrix.repo }}
secrets:
@ -48,7 +48,7 @@ jobs:
lang: [en, es, fr, he, it, nl, ru, zh-Hant]
permissions:
contents: read
uses: ./.github/workflows/build.yml
uses: privacyguides/.github/.github/workflows/build.yml@main
with:
ref: ${{ github.ref }}
repo: ${{ github.repository }}
@ -60,7 +60,7 @@ jobs:
needs: submodule
permissions:
contents: read
uses: ./.github/workflows/build-offline.yml
uses: privacyguides/.github/.github/workflows/build-offline.yml@main
release:
name: Create release notes
@ -84,20 +84,17 @@ jobs:
deploy:
needs: build
uses: ./.github/workflows/deploy.yml
uses: ./.github/workflows/deploy-all.yml
with:
netlify_production: true
github_pages: true
bunnycdn_production: true
minio_production: true
secrets:
NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
PROD_BUNNYCDN_API_KEY: ${{ secrets.PROD_BUNNYCDN_API_KEY }}
PROD_BUNNYCDN_PASSWORD: ${{ secrets.PROD_BUNNYCDN_PASSWORD }}
PROD_MINIO_KEY_ID: ${{ secrets.PROD_MINIO_KEY_ID }}
PROD_MINIO_SECRET_KEY: ${{ secrets.PROD_MINIO_SECRET_KEY }}
cleanup:
if: ${{ always() }}
needs: [build, buildoffline]
uses: ./.github/workflows/cleanup.yml
uses: privacyguides/.github/.github/workflows/cleanup.yml@main

View File

@ -31,7 +31,7 @@ jobs:
strategy:
matrix:
repo: [mkdocs-material-insiders, brand, i18n]
uses: ./.github/workflows/download-repo.yml
uses: privacyguides/.github/.github/workflows/download-repo.yml@main
with:
repo: ${{ matrix.repo }}
secrets:
@ -45,7 +45,7 @@ jobs:
fail-fast: false
permissions:
contents: read
uses: ./.github/workflows/build.yml
uses: privacyguides/.github/.github/workflows/build.yml@main
with:
ref: ${{ github.ref }}
repo: ${{ github.repository }}
@ -56,9 +56,9 @@ jobs:
needs: submodule
permissions:
contents: read
uses: ./.github/workflows/build-offline.yml
uses: privacyguides/.github/.github/workflows/build-offline.yml@main
cleanup:
if: ${{ always() }}
needs: [build, buildoffline]
uses: ./.github/workflows/cleanup.yml
uses: privacyguides/.github/.github/workflows/cleanup.yml@main

81
.github/workflows/test-lint.yml vendored Normal file
View File

@ -0,0 +1,81 @@
# Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
name: ๐Ÿค– Linting
permissions:
contents: read
on:
workflow_dispatch:
pull_request:
branches:
- main
push:
concurrency:
group: ${{ github.ref }}-${{ github.workflow }}
cancel-in-progress: true
env:
MAIN_BRANCH: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
jobs:
megalinter:
name: MegaLinter
runs-on: ubuntu-latest
steps:
- if: ${{ env.MAIN_BRANCH }}
uses: actions/checkout@v4
- if: ${{ !env.MAIN_BRANCH }}
uses: actions/checkout@v4
with:
fetch-depth: 0
- id: ml
# You can override MegaLinter flavor used to have faster performances
# More info at https://megalinter.io/flavors/
uses: oxsecurity/megalinter/flavors/documentation@v7.10.0
env:
# All available variables are described in documentation
# https://megalinter.io/configuration/
# Validates all source when push on main, else just the git diff with main.
VALIDATE_ALL_CODEBASE: ${{ env.MAIN_BRANCH }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# ADD YOUR CUSTOM ENV VARIABLES HERE OR DEFINE THEM IN A FILE .mega-linter.yml AT THE ROOT OF YOUR REPOSITORY
DISABLE: COPYPASTE,SPELL,HTML
DISABLE_LINTERS: JSON_JSONLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER
DISABLE_ERRORS_LINTERS: CSS_STYLELINT,MARKDOWN_MARKDOWN_LINK_CHECK,YAML_YAMLLINT
EDITORCONFIG_EDITORCONFIG_CHECKER_ARGUMENTS: -disable-indentation
ENV_DOTENV_LINTER_ARGUMENTS: "--skip QuoteCharacter"
MARKDOWN_MARKDOWN_LINK_CHECK_FILTER_REGEX_INCLUDE: (docs)
MARKDOWN_MARKDOWNLINT_CONFIG_FILE: .markdownlint.yml
MARKDOWN_MARKDOWNLINT_FILTER_REGEX_EXCLUDE: (PULL_REQUEST_TEMPLATE\.md)
# Upload MegaLinter artifacts
- name: Archive production artifacts
if: success() || failure()
uses: actions/upload-artifact@v4
with:
name: MegaLinter reports
path: |
megalinter-reports
mega-linter.log

View File

@ -20,10 +20,13 @@
name: ๐Ÿ’ฌ Crowdin Upload
permissions:
contents: read
on:
workflow_dispatch:
push:
branches: [ main ]
branches: [main]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
@ -34,18 +37,17 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Checkout
uses: actions/checkout@v4
- name: crowdin action
uses: crowdin/github-action@v1.20.1
with:
upload_sources: true
upload_sources_args: '--auto-update --delete-obsolete'
download_translations: false
config: crowdin.yml
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CROWDIN_PROJECT_ID: ${{ secrets.CROWDIN_PROJECT_ID }}
CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
- name: crowdin action
uses: crowdin/github-action@v1.20.1
with:
upload_sources: true
upload_sources_args: "--auto-update --delete-obsolete"
download_translations: false
config: crowdin.yml
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CROWDIN_PROJECT_ID: ${{ secrets.CROWDIN_PROJECT_ID }}
CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}

5
.gitignore vendored
View File

@ -19,11 +19,6 @@ site
/config/.cache/plugin/social/*
!/config/.cache/plugin/social/fonts
# Editor settings
.vscode/*
!.vscode/extensions.json
!.vscode/settings.json
# Local Netlify folder
.netlify
node_modules

View File

@ -24,8 +24,7 @@ ul-indent:
indent: 4
no-inline-html: false
code-block-style: false
no-hard-tabs:
spaces-per-tab: 4
no-hard-tabs: true
emphasis-style:
style: "asterisk"
no-duplicate-header: false

1
.vscode/.empty-schema.json vendored Normal file
View File

@ -0,0 +1 @@
{}

View File

@ -24,6 +24,9 @@
"DavidAnson.vscode-markdownlint",
"wholroyd.jinja",
"mikestead.dotenv",
"matthewpi.caddyfile-support"
"matthewpi.caddyfile-support",
"redhat.vscode-yaml",
"ecmel.vscode-html-css",
"yzhang.markdown-all-in-one"
]
}

26
.vscode/settings.json vendored
View File

@ -20,6 +20,7 @@
{
"git.ignoreLimitWarning": true,
"ltex.diagnosticSeverity": "hint",
"[markdown]": {
"editor.unicodeHighlight.ambiguousCharacters": true,
"editor.unicodeHighlight.invisibleCharacters": true
@ -31,5 +32,28 @@
"files.associations": {
"*.caddy": "caddyfile",
"*.example-caddy": "caddyfile"
}
},
"editor.unicodeHighlight.invisibleCharacters": true,
"editor.defaultFormatter": "DavidAnson.vscode-markdownlint",
"[yaml]": {
"editor.defaultFormatter": "redhat.vscode-yaml",
"editor.quickSuggestions": {
"other": true,
"comments": false,
"strings": true
}
},
"yaml.schemas": {
"https://raw.githubusercontent.com/DavidAnson/markdownlint/main/schema/markdownlint-config-schema.json": ".markdownlint.yml",
"https://json.schemastore.org/github-issue-config.json": ".github/ISSUE_TEMPLATE/config.yml",
".vscode/.empty-schema.json": "config/*.yml"
},
"yaml.customTags": [
"!ENV sequence",
"!ENV",
"tag:yaml.org,2002:python/name:pymdownx.superfences.fence_code_format",
"tag:yaml.org,2002:python/name:material.extensions.emoji.twemoji",
"tag:yaml.org,2002:python/name:material.extensions.emoji.to_svg"
],
"editor.formatOnSave": true
}

View File

@ -1,4 +1,4 @@
<!-- markdownlint-disable MD041 -->
<!-- markdownlint-disable MD041 MD045 -->
<div align="center">
<a href="https://www.privacyguides.org">
<picture>
@ -50,9 +50,9 @@ The current list of team members can be found [here](https://www.privacyguides.o
- ๐Ÿ’– [Sponsor the project](https://github.com/sponsors/privacyguides)
- ๐Ÿˆด [Help translate the site](https://crowdin.com/project/privacyguides) [[Matrix chat](https://matrix.to/#/#pg-i18n:aragon.sh)]
- ๐Ÿ“ Edit the site, everything's accessible in this repo
- Browse our [open issues](https://github.com/privacyguides/privacyguides.org/issues) to see what needs to be updated
- View the list of [approved topics waiting for a PR](https://discuss.privacyguides.net/tag/approved)
- Read some writing tips in our [style guide](https://www.privacyguides.org/en/meta/writing-style)
- Browse our [open issues](https://github.com/privacyguides/privacyguides.org/issues) to see what needs to be updated
- View the list of [approved topics waiting for a PR](https://discuss.privacyguides.net/tag/approved)
- Read some writing tips in our [style guide](https://www.privacyguides.org/en/meta/writing-style)
All contributors to the site are listed [here](https://github.com/privacyguides/privacyguides.org/graphs/contributors). If you make a substantial (i.e. copyright eligible) contribution to the project and would like to be formally credited, you are welcome to include your information in the appropriate `authors` section in [`CITATION.cff`](/CITATION.cff) as well, just submit a PR or ask @jonaharagon to make the change.

View File

@ -1,5 +1,4 @@
definitions:
- &background_color >-
#FFD06F
@ -35,7 +34,6 @@ definitions:
# Meta tags
tags:
# Open Graph
og:type: website
og:title: *page_title_with_site_name
@ -59,7 +57,6 @@ tags:
# Card size and layers
size: { width: 1200, height: 630 }
layers:
# Background
- background:
color: *background_color

View File

@ -1,5 +1,4 @@
definitions:
- &background_image >-
{%- if page.meta.cover -%}
theme/assets/img/cover/{{ page.meta.cover }}
@ -70,7 +69,6 @@ definitions:
# Meta tags
tags:
# Open Graph
og:type: website
og:title: *page_title_with_site_name
@ -94,7 +92,6 @@ tags:
# Card size and layers
size: { width: 1200, height: 630 }
layers:
# Background
- background:
image: *background_image

View File

@ -1,5 +1,4 @@
definitions:
- &background_image >-
{%- if page.meta.cover -%}
theme/assets/img/cover/{{ page.meta.cover }}
@ -55,7 +54,6 @@ definitions:
# Meta tags
tags:
# Open Graph
og:type: website
og:title: *page_title_with_site_name
@ -79,7 +77,6 @@ tags:
# Card size and layers
size: { width: 1200, height: 630 }
layers:
# Background
- background:
image: *background_image

View File

@ -18,20 +18,29 @@
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
docs_dir: '../docs'
docs_dir: "../docs"
site_url: "https://www.privacyguides.org/"
site_dir: '../site'
site_dir: "../site"
site_name: Privacy Guides
site_description: !ENV [SITE_DESCRIPTION, "Privacy Guides is your central privacy and security resource to protect yourself online."]
copyright: !ENV [FOOTER_COPYRIGHT, "&copy; 2019 Privacy Guides and contributors."]
site_description:
!ENV [
SITE_DESCRIPTION,
"Privacy Guides is your central privacy and security resource to protect yourself online.",
]
copyright:
!ENV [FOOTER_COPYRIGHT, "&copy; 2019 Privacy Guides and contributors."]
edit_uri: edit/main/docs/
extra:
generator: false
context: !ENV [CONTEXT, "production"]
deploy: !ENV DEPLOY_ID
homepage_description: !ENV [DESCRIPTION_HOMEPAGE, "A socially motivated website which provides information about protecting your online data privacy and security."]
homepage_description:
!ENV [
DESCRIPTION_HOMEPAGE,
"A socially motivated website which provides information about protecting your online data privacy and security.",
]
translation_notice: !ENV DESCRIPTION_TRANSLATION
translation_notice_cta: !ENV [DESCRIPTION_TRANSLATION_CTA, "Visit Crowdin"]
translation_notice_language: !ENV LANG_ENGLISH
@ -86,7 +95,11 @@ extra:
icon: https://raw.githubusercontent.com/twitter/twemoji/master/assets/svg/1f1f7-1f1fa.svg
consent:
title: !ENV [ANALYTICS_CONSENT_TITLE, "Contribute anonymous statistics"]
description: !ENV [ANALYTICS_CONSENT_BODY, "We use cookies to collect anonymous usage statistics. You can opt out if you wish."]
description:
!ENV [
ANALYTICS_CONSENT_BODY,
"We use cookies to collect anonymous usage statistics. You can opt out if you wish.",
]
cookies:
umami:
name: Self-Hosted Analytics
@ -219,86 +232,87 @@ markdown_extensions:
toc_depth: 4
nav:
- !ENV [NAV_HOME, 'Home']: 'index.md'
- !ENV [NAV_KNOWLEDGE_BASE, 'Knowledge Base']:
- 'basics/why-privacy-matters.md'
- 'basics/threat-modeling.md'
- 'basics/common-threats.md'
- 'basics/common-misconceptions.md'
- 'basics/account-creation.md'
- 'basics/account-deletion.md'
- !ENV [NAV_TECHNOLOGY_ESSENTIALS, 'Technology Essentials']:
- 'basics/passwords-overview.md'
- 'basics/multi-factor-authentication.md'
- 'basics/email-security.md'
- 'basics/vpn-overview.md'
- !ENV [NAV_ADVANCED_TOPICS, 'Advanced Topics']:
- 'advanced/dns-overview.md'
- 'advanced/tor-overview.md'
- 'advanced/payments.md'
- 'advanced/communication-network-types.md'
- !ENV [NAV_OPERATING_SYSTEMS, 'Operating Systems']:
- 'os/android-overview.md'
- 'os/ios-overview.md'
- 'os/linux-overview.md'
- 'os/macos-overview.md'
- 'os/qubes-overview.md'
- kb-archive.md
- !ENV [NAV_RECOMMENDATIONS, 'Recommendations']:
- 'tools.md'
- !ENV [NAV_INTERNET_BROWSING, 'Internet Browsing']:
- 'tor.md'
- 'desktop-browsers.md'
- 'mobile-browsers.md'
- !ENV [NAV_PROVIDERS, 'Providers']:
- 'cloud.md'
- 'dns.md'
- 'email-aliasing.md'
- 'email.md'
- 'financial-services.md'
- 'photo-management.md'
- 'search-engines.md'
- 'vpn.md'
- !ENV [NAV_SOFTWARE, 'Software']:
- 'calendar.md'
- 'cryptocurrency.md'
- 'data-redaction.md'
- 'email-clients.md'
- 'encryption.md'
- 'file-sharing.md'
- 'frontends.md'
- 'multi-factor-authentication.md'
- 'news-aggregators.md'
- 'notebooks.md'
- 'passwords.md'
- 'productivity.md'
- 'real-time-communication.md'
- !ENV [NAV_OPERATING_SYSTEMS, 'Operating Systems']:
- 'android.md'
- 'desktop.md'
- 'router.md'
- !ENV [NAV_ADVANCED, 'Advanced']:
- 'device-integrity.md'
- !ENV [NAV_ABOUT, 'About']:
- 'about/index.md'
- 'about/criteria.md'
- 'about/notices.md'
- 'about/privacy-policy.md'
- 'about/statistics.md'
- !ENV [NAV_COMMUNITY, 'Community']:
- 'about/donate.md'
- !ENV [NAV_ONLINE_SERVICES, 'Online Services']: 'about/services.md'
- !ENV [NAV_CODE_OF_CONDUCT, 'Code of Conduct']: 'CODE_OF_CONDUCT.md'
- 'about/privacytools.md'
- !ENV [NAV_CONTRIBUTING, 'Contributing']:
- !ENV [NAV_WRITING_GUIDE, 'Writing Guide']:
- 'meta/writing-style.md'
- 'meta/admonitions.md'
- 'meta/brand.md'
- 'meta/translations.md'
- !ENV [NAV_TECHNICAL_GUIDES, 'Technical Guides']:
- 'meta/uploading-images.md'
- 'meta/git-recommendations.md'
- !ENV [NAV_CHANGELOG, 'Changelog']: 'https://github.com/privacyguides/privacyguides.org/releases'
- !ENV [NAV_FORUM, 'Forum']: 'https://discuss.privacyguides.net/'
- !ENV [NAV_BLOG, 'Blog']: 'https://blog.privacyguides.org/'
- !ENV [NAV_HOME, "Home"]: "index.md"
- !ENV [NAV_KNOWLEDGE_BASE, "Knowledge Base"]:
- "basics/why-privacy-matters.md"
- "basics/threat-modeling.md"
- "basics/common-threats.md"
- "basics/common-misconceptions.md"
- "basics/account-creation.md"
- "basics/account-deletion.md"
- !ENV [NAV_TECHNOLOGY_ESSENTIALS, "Technology Essentials"]:
- "basics/passwords-overview.md"
- "basics/multi-factor-authentication.md"
- "basics/email-security.md"
- "basics/vpn-overview.md"
- !ENV [NAV_ADVANCED_TOPICS, "Advanced Topics"]:
- "advanced/dns-overview.md"
- "advanced/tor-overview.md"
- "advanced/payments.md"
- "advanced/communication-network-types.md"
- !ENV [NAV_OPERATING_SYSTEMS, "Operating Systems"]:
- "os/android-overview.md"
- "os/ios-overview.md"
- "os/linux-overview.md"
- "os/macos-overview.md"
- "os/qubes-overview.md"
- kb-archive.md
- !ENV [NAV_RECOMMENDATIONS, "Recommendations"]:
- "tools.md"
- !ENV [NAV_INTERNET_BROWSING, "Internet Browsing"]:
- "tor.md"
- "desktop-browsers.md"
- "mobile-browsers.md"
- !ENV [NAV_PROVIDERS, "Providers"]:
- "cloud.md"
- "dns.md"
- "email-aliasing.md"
- "email.md"
- "financial-services.md"
- "photo-management.md"
- "search-engines.md"
- "vpn.md"
- !ENV [NAV_SOFTWARE, "Software"]:
- "calendar.md"
- "cryptocurrency.md"
- "data-redaction.md"
- "email-clients.md"
- "encryption.md"
- "file-sharing.md"
- "frontends.md"
- "multi-factor-authentication.md"
- "news-aggregators.md"
- "notebooks.md"
- "passwords.md"
- "productivity.md"
- "real-time-communication.md"
- !ENV [NAV_OPERATING_SYSTEMS, "Operating Systems"]:
- "android.md"
- "desktop.md"
- "router.md"
- !ENV [NAV_ADVANCED, "Advanced"]:
- "device-integrity.md"
- !ENV [NAV_ABOUT, "About"]:
- "about/index.md"
- "about/criteria.md"
- "about/notices.md"
- "about/privacy-policy.md"
- "about/statistics.md"
- !ENV [NAV_COMMUNITY, "Community"]:
- "about/donate.md"
- !ENV [NAV_ONLINE_SERVICES, "Online Services"]: "about/services.md"
- !ENV [NAV_CODE_OF_CONDUCT, "Code of Conduct"]: "CODE_OF_CONDUCT.md"
- "about/privacytools.md"
- !ENV [NAV_CONTRIBUTING, "Contributing"]:
- !ENV [NAV_WRITING_GUIDE, "Writing Guide"]:
- "meta/writing-style.md"
- "meta/admonitions.md"
- "meta/brand.md"
- "meta/translations.md"
- !ENV [NAV_TECHNICAL_GUIDES, "Technical Guides"]:
- "meta/uploading-images.md"
- "meta/git-recommendations.md"
- !ENV [NAV_CHANGELOG, "Changelog"]:
"https://github.com/privacyguides/privacyguides.org/releases"
- !ENV [NAV_FORUM, "Forum"]: "https://discuss.privacyguides.net/"
- !ENV [NAV_BLOG, "Blog"]: "https://blog.privacyguides.org/"

View File

@ -44,5 +44,4 @@ plugins:
enabled: true
social:
enabled: false
# Edit the offline-mode navbar in mkdocs-common.yml

View File

@ -20,7 +20,7 @@
INHERIT: mkdocs-common.yml
site_url: "https://www.privacyguides.org/en/"
site_dir: '../site/en'
site_dir: "../site/en"
theme:
# ENGLISH ONLY: this logo needs to be set separately because the relative path is different

View File

@ -19,9 +19,9 @@
# IN THE SOFTWARE.
INHERIT: mkdocs-common.yml
docs_dir: '../i18n/es'
docs_dir: "../i18n/es"
site_url: "https://www.privacyguides.org/es/"
site_dir: '../site/es'
site_dir: "../site/es"
edit_uri: edit/main/i18n/es/

View File

@ -19,9 +19,9 @@
# IN THE SOFTWARE.
INHERIT: mkdocs-common.yml
docs_dir: '../i18n/fr'